Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Active Directoy 2003 Site and Services move server

Posted on 2011-09-30
3
Medium Priority
?
385 Views
Last Modified: 2012-05-12
I have a branch office that I am setting up with one 2003 DC.  I have created a new site under "site and services" and created the new subnet also.  However, when I try to move the branch office DC from the original site to the new one I get a "access is denied" error.  I am logged in as domain admin.  Any ideas what's going on here?

thanks
0
Comment
Question by:cbsykes
  • 2
3 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36895429
On Active Directory Sites and services go to security tab and add the admin user id with full control and check.

If  windows2008 DC exist in the network then on 2008 DC in ADSS on the Server object in ntds go to properties and remove  the check mark of Protect Objects from accidential deletion this might be preventing.Sample eg id given in below link.
http://blogs.technet.com/b/industry_insiders/archive/2007/10/31/windows-server-2008-protection-from-accidental-deletion.aspx

If above does not work then try with other admininstaror id to perform the same.If other admin account is not present create new userid and add the id to domain admin group and administartor group and check if this works.

0
 

Accepted Solution

by:
cbsykes earned 0 total points
ID: 36895562
Thanks for the reply.  I figured out the issue which was a deny permission that was set for the everyone group on all my DCs listed.  Once I removed the everyone group from each DC I was able to move my DC to the new site.  
0
 

Author Closing Comment

by:cbsykes
ID: 36915564
Figured out the issue on my own.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question